AWS Client VPN SSO SAML Linux client

I'm trying to configure AWS Client VPN with AWS SSO to provide a VPN server and clients to an organization. However, I've found that when you use SSO with AWS Client VPN you have to use one of the clients from Amazon, and it seems that they currently only support Windows and Mac (https://docs.aws.amazon.com/vpn/latest/clientvpn-user/connect-aws-client-vpn-connect.html). Linux is a requirement for my use case, and so far I have not been able to find a word about usage on Linux for that specific scenario. Does anyone know of any way of making this work, with or without their client (without using a separate box as a bridge or server, ideally something native for Linux)? It would be great to know their roadmap for AWS Client VPN and if they plan at least to support it in the near future.

Thanks in advance.


Solution 1:

We have tried the solution mentioned in the following URL and it worked for us:

https://github.com/samm-git/aws-vpn-client/blob/master/aws-connect.sh

The detailed working of this solution is explained at https://github.com/samm-git/aws-vpn-client/blob/master/aws-connect.sh.

We have made a few changes in the configuration files to make it work.

  1. Removed the following lines in vpn.conf.

    • auth-user-pass
    • auth-federate
  2. Made the following change in line 38 in the script aws-connect.sh.

    open "$URL"

    to

    xdg-open "$URL"
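
The two edits from Solution 1 as a script, added here as an example (it is not part of the answer or of the aws-vpn-client project). The function names and the sample config, including its placeholder endpoint, are constructed for illustration.

```shell
#!/bin/sh
# Added example: apply the two edits from the answer without hand-editing files.

# Print an OpenVPN client config with the auth-user-pass and auth-federate
# directives removed. The directive must be the first word on the line, so
# auth-nocache, auth-retry and commented-out lines are left alone.
strip_auth_directives() {
    awk '$1 == "auth-user-pass" || $1 == "auth-federate" { next } { print }' "$1"
}

# Pick the URL opener: xdg-open on Linux desktops, open on macOS.
# Prints the command name, or returns 1 if neither is installed.
url_opener() {
    if command -v xdg-open >/dev/null 2>&1; then
        echo xdg-open
    elif command -v open >/dev/null 2>&1; then
        echo open
    else
        return 1
    fi
}

# Constructed sample config (the endpoint name is a placeholder).
sample_conf() {
    cat <<'EOF'
client
dev tun
proto udp
remote cvpn-endpoint-EXAMPLE.invalid 443
auth-user-pass
  auth-federate
auth-nocache
# auth-federate is handled by the wrapper script
verb 3
EOF
}

# Show the cleaned config for the sample input.
demo() {
    tmp=$(mktemp) || return 1
    sample_conf > "$tmp"
    strip_auth_directives "$tmp"
    rm -f "$tmp"
}
demo
```

Redirect the output of `strip_auth_directives vpn.conf` to a new file rather than overwriting the downloaded config, so the original stays available for comparison.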

Solution 2:

It's officially supported now. Only for Ubuntu though. https://aws.amazon.com/vpn/client-vpn-download/ https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-linux.html

I managed to convert the deb package to rpm so I can use it on Fedora 33. Those are the steps. https://gist.github.com/miguelgmalpha/5c9e78d16312d156b0ec1d1c1bb09c1c

Solution 3:

AWS have a tentative date for Q1 2021 to release a Linux client. While waiting for that, they suggest using the OpenVPN software with AWS Client VPN AD integration.